We are excited to announce that we have launched our new Hive Community! HiveNation will remain as an archive, but all new posts, discussions, and articles will be created on Hive Community. You can visit our new community at thehivecommunity.aerohive.com

Free Bonjour Gateway: FAQ and Troubleshooting Guide

Following are some FAQs and troubleshooting tips for Free Bonjour Gateway users.

1) About the Product

What is the Aerohive’s Free Bonjour Gateway?
Aerohive’s free Bonjour Gateway is software that runs on the customer’s already-installed VMWare infrastructure. The Bonjour Gateway enables management and control of Apple’s “Zero-Configuration Networking” technology, called Bonjour®, to advertise services such as AirPrintTM and AirPlay® across multi-subnet networks. The software can be installed in up to two virtual machine instances to propagate services across different network locations. A free cloud-based management account -HiveManager for Bonjour Gateway - is included, with simplified web interfaces that help administrators configure the services available, filter unwanted services, limit unnecessary traffic and monitor usage.

Why is a Bonjour Gateway necessary?
Apple's Bonjour protocol is built on multicast DNS, which is a Layer 2 non-routable protocol. This means that only clients on the same subnet as the AirPrint and AirPlay enabled devices can see those services. On a network that has multiple segments, however, the multicast DNS advertisements will not reach users on different subnets. Enterprises, schools, universities and many other environments are typically built with multiple subnets, meaning that although Apple services may be available to users, they won’t ever know about them.

Who should use this product?
The target audience for the product is IT administrators, technologists or advanced users having Apple devices on multiple subnets and desiring to share Bonjour services across those networks. Users who are on a different subnet than the Apple TV or printer but still need to access displays, discover selected printers or print from a device like an iPad will find the Bonjour Gateway useful. IT administrators will be able to manage what services are available on behalf of users requiring connectivity such as teachers in schools or presenters looking to display content using AirPlay enabled screens, or office administrators looking to enable AirPrint services. IT administrators can propagate and re-advertise selected Bonjour services (such as AirPrint and AirPlay) for wide usage, while at the same time restrict undesired services such as BitTorrent, FTP, etc.

Why on a virtual machine?
The free Bonjour Gateway running in a virtual appliance reduces the cost of owning and enabling a solution, by eliminating the need for a separate hardware box. While Aerohive’s line of hardware and software products offer Bonjour Gateway capabilities, we are mindful of customers looking to solve this problem for smaller deployments and for those using different networking vendors. Please note that you don’t have to be an Aerohive customer to enable this solution, as long as your VMWare deployment meets the minimal hardware restrictions.

2) Installation

How do I get started?
The Bonjour Gateway is offered as a freeware to any customer who wants to deploy it. You must complete first a web registration. One of the things that you'll find in the web registration is verification that your VMWare installation meets the minimum restrictions. If it does, after completing the web registration a free cloud-based HiveManager account will be created and an email will be sent to you with the login details.

How do I download the software?
The HiverManager Online account will help you to download the Bonjour Gateway software to be installed on your VMWare virtual machine(s), as well as to configure and manage your Bonjour Gateway instances. You can install up to two virtual machine instances of the Bonjour Gateway in order to detect and propagate Bonjour services running in different network locations.

I am an existing Aerohive customer. Will this connect to my existing HiveManager instance?
The free Bonjour Gateway connects to a HiveManager instance that is simplified for Bonjour operations. If you are an existing Aerohive customer, you can ALREADY configure Bonjour Gateway functionality by using the AccessPoints or the Cloud VPN Gateway products that you already own. If you are still interested in trying the Free Bonjour Gateway for some other reason, however, you can register for an account.

What virtualization platforms are supported?
The software is tested in the free VMware vSphere HypervisorTM (ESXi) 4.1 or later. This software is available here. Please note that if you do not have the correct VMWare image installed, you cannot download the free Bonjour Gateway.

What are the Virtual Machine requirements?
Minimum Requirements?

What configuration do I need on the ESXi virtual machine?
Make sure that VLANs are enabled on the virtual switch (vSwitch) ESXi configuration options. For detailed instructions on how to setup the virtual machine, please look at the free Bonjour Gateway Configuration Guide.

What firewall ports need to be open?
Bonjour is a networking protocol that sends and receives network packets on UDP port 5353 (Multicast DNS). For a list of all network ports used by Apple’s devices and services visit this site.

For your Bonjour VM instance connecting to HiveManager on the Cloud You will need to open ports 80 TCP and 12222 UDP.

What other configuration is needed in my network?
The free Bonjour Gateway prevents administrators from having to make client modifications, reconfigure VLANs and/or modify multicast advertisements. The only requirement is to have already Bonjour enabled in one subnet and to make sure that a firewall is not blocking the required network ports.

What’s next after downloading the software?

Once the software is installed on your ESXi system:

Start up the virtual machine (VM)

Enter the activation code received in your registration email when prompted in the VM console

Enter the same activation code on your second Virtual Machine instance

If your network is configured with DHCP, the VM will automatically get an IP address; otherwise, configure an IP address, subnet mask and gateway in the VM console

After a few minutes the VM instance(s) will become visible in your HiveManager Online and a default Bonjour Policy will be pushed to them. From that point onwards, you can reconfigure the Bonjour Policy and push it to the VM instances via the Aerohive HiveManager GUIs.

How do Bonjour Gateway instances connect to HiveManager Online?
After the Bonjour Gateway VM instances acquire an IP address, they will attempt to establish connectivity with HiveManager Online using a secured CAPWAP protocol tunnel via HTTPS. They will become visible in your HiveManager account within a few minutes after getting started.

Do I need to run one or two VMWare instances of the Bonjour Gateway?
It depends. Think of Bonjour Gateway instances as sniffers on VLAN’s; you require as many instances as sniffer points required in your network to discover the VLAN’s and subnets of interest. If you deploy one Bonjour instance connected to a trunk port, and that port has visibility to two subnets and different VLAN’s then you would require only one Bonjour Gateway instance to scan the VLAN’s and bridge Bonjour Services between those subnets. For example, if you have a 3rd subnet that is not detectable from that trunk port then you would require to deploy a second Bonjour Gateway instance in that location to bridge that 3rd subnet to the services in the first instance. Please refer to the free Bonjour Configuration Guide for deployment examples.

How do I establish connectivity between two Bonjour Gateway instances?
After the two VM instances have started and they have established connectivity with HiveManager, they will be automatically provisioned to point to each other and start sharing Bonjour services according to your configured policy. Alternatively, you can point to each other using the VM console CLI commands.

I’m an existing Aerohive customer; can I do this with my existing HiveManager?
Bonjour Gateway capabilities are already integrated in Aerohive’s products such as AccessPoints and the Cloud VPN Gateway. Existing HiveManager customers can deploy HiveAP’s and CVG instances to share Bonjour services with larger scalability.

3) Management
How is the free Bonjour Gateway managed?
Monitoring and configuration functions are performed via Aerohive’s cloud-based HiveManager Online, with a simplified UI designed specifically for Bonjour Gateway management. Administrators do not need to worry about deploying another management station. Monitoring services and granular controls are possible via web UIs on the HiveManager.

Is there a charge for this HiveManager Online instance?
No, HiveManager Online is freely available.

How many Bonjour services, VLANS and subnets are supported?
The free Bonjour Gateway program initially supports deploying up to two instances of the virtualized software; however, given the recent demand we are working to increase this limit. Please contact us if you need more instances and we’ll increase it for your account. You require as many instances as “sniffer” points required in your network to discover the VLAN’s and subnets of interest. The free Bonjour Gateway supports propagating up to 500 Bonjour services (we can increase the limits if your case requires it). There are no VLAN limitations, however the 500 services limit includes VLANs re-advertisements. For example, if you have 50 services on VLAN 10 that need to be propagated to two other subnets corresponding to VLAN 20 and VLAN 30, then you’d be consuming already (50 x 3) = 150 services.

What if I run over the 500-services limit?
If you need higher limits please contact us. Aerohive offers Bonjour Gateway capabilities with higher scalability as part of their hardware and software portfolio. HiveAP’s and Branch Routers offer a hardware solution; Aerohive’s Cloud VPN Gateway offers a virtualized software solution for Bonjour Gateway functionality.

How many Bonjour Gateway instances can I install?
In its first release the Free Bonjour Gateway program limited you to install only 2 instances. That limit has been removed and now you can install up to 20 instances. Contact Aerohive community if you need more than that.

What about privacy?
HiveManager is used for monitoring the Bonjour services that are being used and for configuring which ones should be propagated or filtered. Aerohive’s HiveManager cloud-based platform does not collect the actual service traffic, so the customer data is kept private within the realm of your Bonjour Gateway instances in your network.

Does Bonjour Gateway require HiverManager and Aerohive’s Cloud to pass traffic?
No. HiveManager Online is used to monitor and configure the Bonjour Gateway instances but is not required for serving the Bonjour gateway functions within your network. A disconnection between HiveManager and your gateway instances will not stop the services from being advertised.

What about lifecycle operations?
HiveManager Online backs up your configurations in a secured account. Future upgrades and new functions will be made available to you via our HiveManager Online.

4) Troubleshooting

As of 10/11 Open Issues

*A known bug #19801 is currently affecting our Bonjour Gateway server, this is about services inconsistently detected. This will be fixed in a release ~early December, 2013.

The virtual machine is up but not visible in HiveManager Online

It will take couple of minutes for the VM instance connecting to HiveManager.

Verify that the VM has acquired an IP address via DHCP or configure it manually via the console.

Verify that your VM has connectivity to the Internet.

Verify that you have entered the activation code (received in your registration email), on the VM instance via the console.

Reboot the VM instance.

Apart from the HiveManager UI, how can I display the services detected by the Bonjour Gateway?
While using HiveManager is the preferred and simplest way to configure services, you can also log in to your Bonjour Gateway VM console and execute these CLI commands following their additional syntax options:

To show status: show bonjour-gateway status

To configure services: show bonjour-gateway service

To filter services: show bonjour-gateway filter

Bonjour services are not being advertised on the other subnet

Make sure the second Bonjour Gateway instance is up, has a valid IP address and are both connected to HiveManager.

Verify that both VM instances are showing in the HiveManager UI and bound to each other.

Verify that both VMs are pointing to each other by using CLI commands in the VM consoles.

Verify in HiveManager that a Bonjour policy has services enabled and was pushed to the VM instances, check the configuration status page to see when the last configuration push took place.

Verify that the Bonjour policy scans for VLANs where the actual Bonjour services are running.

Log in to both VM consoles and display the services detected using the CLI commands.

Some of the services are not re-advertised

Verify that the Bonjour configuration policy includes the intended servers.

Check that the policy includes scanning the VLANs where services are shown, contrast if the services working belong to a VLAN in particular.

Use the VLAN Probe Tool offered in the HiveManager Tools menu. You can perform a VLAN probe across a designated range of VLANs, the tool will report back if the VLANs are operational on the network

Is possible that you are running over the 500-services limit. Disable some of the services to check if others appear.

The free bonjour has a 16 VLAN detection limit. Check if you have configure and have more than that (the CVG and the AP will have a higher limit in the Nov'13 release)

What subnet mask are you using /24 /23, when you perform a show interface do you see the Virtual interfaces in the correct subnets.

Follow a more advanced sequence to troubleshoot (submitted on our community):

On the virtual machine Do a "no bonjour-gateway enable"
the bonjour-enable

then show bonjour-gateway status
until BDD changes from 0.0.0.0 to an IP
then check out the services [remember the number]
maybe cache the commands so it is quicker.
then show interface

then show interface Bdg0.1
show interface Bdg0.2
show interface Bdg0.3

to capture the IP addresses.

Then run
show tech to look at the logs

see if you see any logs with this
RMV or other BG related items

Is the AP running the BDD busy with clients as well?

I moved my BDD to remote closet area where not many clients will venture, and all my missing AppleTVs came back today.

Maybe doing the following might shed some light.
A. move the current BDD to a quiet location
B. replace BDD with another AP and there should be an election of a new BDD
C.No Spare just shut the port down for testing purposes and have a new BDD election.

also the BDD should have no impact on pinging wired AppleTVs or wireless for that matter, so maybe reboot the AppleTV in question.

=======

After making configuration changes in HiveManager they don’t seem to take effect.
Verify that you are effectively pushing the configuration to your Bonjour Gateway instances. Use the Guided Configuration GUI, hit Continue and in the “Configure and Update Devices” step, select your VM instances and selected the “Modify” option. The configuration will be pushed and you will see the update progress bar for each VM.

My environment requires a different solution, higher scalability, a hardware-based gateway or a commercially supported product, what to do?
Please contact an Aerohive representative for discussing your needs. Aerohive’s product portfolio offers integrated Bonjour Gateway capabilities today in AccessPoints, Branch Routers and a virtualized form-factor. The CVG image is a typical option for somebody looking to deploy a Bonjour Gateway in software form factor.

Still have a question?
If you are still having trouble configuring the free Bonjour Gateway, please check the Free Bonjour category on our community. You can also post any unanswered questions there.